Описание
XML external entity (XXE) vulnerability in the Web Service Navigator in SAP NetWeaver Application Server (AS) Java allows remote attackers to access arbitrary files via a crafted request.
XML external entity (XXE) vulnerability in the Web Service Navigator in SAP NetWeaver Application Server (AS) Java allows remote attackers to access arbitrary files via a crafted request.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-8590
- https://erpscan.io/advisories/erpscan-14-015-sap-netweaver-as-java-xxe
- https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98581
- https://service.sap.com/sap/support/notes/2045176
- http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition
- http://www.securityfocus.com/bid/71023
EPSS
Процентиль: 76%
0.00963
Низкий
CVE ID
Связанные уязвимости
nvd
больше 11 лет назад
XML external entity (XXE) vulnerability in the Web Service Navigator in SAP NetWeaver Application Server (AS) Java allows remote attackers to access arbitrary files via a crafted request.
EPSS
Процентиль: 76%
0.00963
Низкий